Cryptology - Unofficial St. Mary's College of California Web Site

More documents

Recommendations

Info

242 CHAPTER 12. RSA Perhaps not surprisingly, given the last several sections, the solution to all three of these difficulties will come from the same modification: instead of working modulo 26 we will work modulo P Q, where P and Q are two (large) primes. From Euler’s generalization of Fermat’s Theorem, we know that a (P −1)(Q−1) ≡ 1 (mod P Q) whenever neither P nor Q divides a. So if we cleverly pick d (using the Euclidean Algorithm) to be the solution to ed ≡ 1 (mod (P − 1)(Q − 1)), then we have ( a e ) d ≡ a ed ≡ a (mod P Q). That is, raising to the d-th power will reverse the effect of raising the e-th power. 9 We will be able to decipher messages. Further, having two letters that become the same when enciphered will be impossible: if m e ≡ n e (mod P Q), then m ≡ m ed ≡ (m e ) d ≡ (n e ) d ≡ n ed ≡ n (mod P Q). So two letters (or messages) that are enciphered to the same letter (or message) were actually the same to start. That is, different letters are enciphered differently. Finally, there is the question of choices of e and d: are there enough so that our supposed enemy cannot stumble upon d simply by trying all the possibilities. Notice first that different choices of e can lead to the same actual encryption. We pointed this out in the case of prime moduli: if e ≡ e ′ (mod P − 1) then m e ≡ m e′ (mod P ). The same is true modulo (P − 1)(Q − 1): if if e ≡ e ′ (mod (P − 1)(Q − 1)) then m e ≡ m e′ (mod P Q). So it doesn’t actually add more choices to allow e and d to be larger than (P − 1)(Q − 1), and so there are at most (P − 1)(Q − 1) different choices for e and d. To provide for a large number of choices for e, then, we will use very large P ’s and Q’s. 12.8 RSA The RSA 10 crypto-system was invented by Ronald L. Rivest, Adi Shamir and Leonard Adelman in 1977. We have given the basics of the system. The only thing left to add is that if we are going to work modulo a large modulus, there is no need to encipher one letter at a time. We can instead use this as a polygraphic cipher. 9 This statement is the “trick” behind the cipher system we are about to explain. Make sure you understand it, looking back at Theorems 12.1 and , if necessary. 10 U.S. Patent No. 4, 405, 829, September 20, 1983, expired on September 20, 2000.
12.8. RSA 243 The RSA Algorithm Setup: Pick two prime numbers P and Q, and let N = P Q. Choose e so that 1 < e < (P − 1)(Q − 1) with gcd ( e, (P − 1)(Q − 1) ) = 1. Find d such that ed ≡ 1 (mod (P −1)(Q−1)) via the Euclidean Algorithm. To encipher: Split the message into segments M each of which is smaller than N. Compute and send the numbers M e %N. To decipher: To decipher a message block E, compute E d %N. Before we do examples there are a couple comments we need to make. Notice that when converting the plaintext into numbers we need to translate letters like a into 01 rather than simply 1. This way we can tell concatenations like 11 12 sab = 190102 and sl = 1912 apart. Next, people tend to pick P and Q to be massively large primes, one having 300 digits or a bit less, and one having 300 digits or a bit more. This makes N = P · Q to be about 600 digits long. It’s certainly not any trouble for a computer to store a 600 digit number (in a text file this is only about eight lines of numbers). Conversely, it is quite common choose P and Q so that 3 does not divide either P − 1 or Q − 1, and then simply use e = 3 for enciphering. 13 Finally, the RSA code seems quite difficult to break (for reasons we will see in a moment) as long as P and Q are this large. However, RSA is very slow compared to the popular private key codes available today. So most messages are sent in two parts. The first part of the message would say something like “Use DES with key key” and be enciphered using RSA, while the second part, the much longer portion, would contain the actual message enciphered using DES with the key sent in part one. Examples: (1) Use P = 19, Q = 13, e = 23. 1. Encipher code as a monographic cipher (i.e., one letter at a time). First N = P ·Q = 247. Then, performing the necessary computations (but not writing the details, such as the binary charts), we have 11 This translation means that the largest two-letter block is 2626, the largest three-letter block is 262626, etc. We need to make sure to pick N so it is larger than the largest block in whatever block size we pick. 12 There are more compact ways to translate letter blocks into numbers. For example, setting z=0 rather than 26, and then using (p1, p2) → 26 ∗ p1 + p2 for two-letter blocks and (p1, p2, p3) → 676 ∗ p1 + 26 ∗ p2 + p3 for three-letter blocks provides for more compact usage. But we will stick with concatenation. 13 2 16 + 1 is another popular choice for e, due to its simple binary expansion.
Page 1 and 2:
Cryptology: An Historical Introduct
Page 3 and 4:
Contents List of Figures 8 1 Caesar
Page 5 and 6:
CONTENTS 5 9 Digraphic Ciphers 167
Page 7 and 8:
List of Figures 1.1 Saint Cyr Slide
Page 9 and 10:
Chapter 1 Caesar Ciphers There are
Page 11 and 12:
11 Examples: Encipher or decipher t
Page 13 and 14:
1.1. SAINT CYR SLIDE 13 paper turne
Page 15 and 16:
1.3. FREQUENCY ANALYSIS 15 PX PBEE
Page 17 and 18:
1.3. FREQUENCY ANALYSIS 17 A bit mo
Page 19 and 20:
1.3. FREQUENCY ANALYSIS 19 Examples
Page 21 and 22:
1.4. LINQUIST’S METHOD 21 the cip
Page 23 and 24:
1.7. EXERCISES 23 12. What is the m
Page 25 and 26:
1.7. EXERCISES 25 (d) VTXLTKBTG LXV
Page 27 and 28:
1.7. EXERCISES 27 (d) IKSUT JKIOT K
Page 29 and 30:
Chapter 2 Cryptologic Terms Cryptog
Page 31 and 32:
Chapter 3 The Introduction of Numbe
Page 33 and 34:
3.1. THE REMAINDER OPERATOR 33 Exam
Page 35 and 36:
3.1. THE REMAINDER OPERATOR 35 Perf
Page 37 and 38:
3.1. THE REMAINDER OPERATOR 37 As a
Page 39 and 40:
3.2. MODULAR ARITHMETIC 39 While %
Page 41 and 42:
3.3. DECIMATION CIPHERS 41 previous
Page 43 and 44:
3.4. DECIPHERING DECIMATION CIPHERS
Page 45 and 46:
3.6. KOBLITZ’S KID-RSA AND PUBLIC
Page 47 and 48:
3.6. KOBLITZ’S KID-RSA AND PUBLIC
Page 49 and 50:
3.9. EXERCISES 49 8. How do we enci
Page 51 and 52:
3.9. EXERCISES 51 (c) Encipher 54 4
Page 53 and 54:
3.9. EXERCISES 53 (b) Encipher secr
Page 55 and 56:
Chapter 4 The Euclidean Algorithm I
Page 57 and 58:
4.2. GCD’S AND THE EUCLIDEAN ALGO
Page 59 and 60:
4.3. MULTIPLICATIVE INVERSES 59 (2)
Page 61 and 62:
4.3. MULTIPLICATIVE INVERSES 61 (2)
Page 63 and 64:
4.4. DECIPHERING DECIMATION AND LIN
Page 65 and 66:
4.5. BREAKING DECIMATION AND LINEAR
Page 67 and 68:
4.6. SUMMARY 67 To put it more blun
Page 69 and 70:
4.8. EXERCISES 69 5. Here we work w
Page 71 and 72:
Chapter 5 Monoalphabetic Ciphers He
Page 73 and 74:
5.2. KEYWORD MIXED CIPHERS 73 Examp
Page 75 and 76:
5.4. INTERRUPTED KEYWORD CIPHERS 75
Page 77 and 78:
5.6. BASIC LETTER CHARACTERISTICS 7
Page 79 and 80:
5.7. ARISTOCRATS 79 the 69971 or 42
Page 81 and 82:
5.9. TOPICS AND TECHNIQUES 81 5.9 T
Page 83 and 84:
5.10. EXERCISES 83 (h) DYVTP KKIQ.
Page 85 and 86:
5.10. EXERCISES 85 13. Ciphers in w
Page 87 and 88:
5.10. EXERCISES 87 17. General Pier
Page 89 and 90:
Chapter 6 Decrypting Monoalphabetic
Page 91 and 92:
6.2. DECRYPTING MONOALPHABETIC CIPH
Page 93 and 94:
Page 95 and 96:
Page 97 and 98:
6.3. SUKHOTIN’S METHOD FOR FINDIN
Page 99 and 100:
6.4. FINAL MONOALPHABETIC TRICKS 99
Page 101 and 102:
6.5. SUMMARY 101 our ciphertext muc
Page 103 and 104:
6.7. EXERCISES 103 Frequency count:
Page 105 and 106:
6.7. EXERCISES 105 53++!305))6*;482
Page 107 and 108:
6.7. EXERCISES 107 93 93 82 48 39 6
Page 109 and 110:
Chapter 7 Vigenère Ciphers It was
Page 111 and 112:
7.2. TRITHEMIUS, THE FATHER OF BIBL
Page 113 and 114:
7.3. BELASO, THE UNKNOWN AND PORTA,
Page 115 and 116:
7.4. VIGENÈRE CIPHERS 115 to encip
Page 117 and 118:
7.6. HOW TO BREAK VIGENÈRE CIPHERS
Page 119 and 120:
7.6. HOW TO BREAK VIGENÈRE CIPHERS
Page 121 and 122:
7.7. THE KASISKI TEST 121 Kasiski
Page 123 and 124:
7.8. SUMMARY 123 Repetition Start P
Page 125 and 126:
7.10. EXERCISES 125 2. Little Miss
Page 127 and 128:
7.10. EXERCISES 127 to Gen. E. K. S
Page 129 and 130:
7.10. EXERCISES 129 MEJMY JKXCD LCN
Page 131 and 132:
7.10. EXERCISES 131 22. (a) Use Kas
Page 133 and 134:
7.10. EXERCISES 133 (a) Construct a
Page 135 and 136:
Chapter 8 Polyalphabetic Ciphers Th
Page 137 and 138:
8.1. COINCIDENCES 137 (being born o
Page 139 and 140:
8.2. THE MEASURE OF ROUGHNESS 139 I
Page 141 and 142:
8.2. THE MEASURE OF ROUGHNESS 141 P
Page 143 and 144:
8.3. THE FRIEDMAN TEST 143 The Frie
Page 145 and 146:
8.4. MULTIPLE ENCIPHERINGS 145 Bein
Page 147 and 148:
8.4. MULTIPLE ENCIPHERINGS 147 Just
Page 149 and 150:
8.5. VIGENÈRE’S AUTO KEY CIPHER
Page 151 and 152:
8.5. VIGENÈRE’S AUTO KEY CIPHER
Page 153 and 154:
8.6. PERFECT SECRECY 153 invent now
Page 155 and 156:
8.8. TERMS AND TOPICS 155 multiple
Page 157 and 158:
8.9. EXERCISES 157 6. As is this on
Page 159 and 160:
8.9. EXERCISES 159 13. It has been
Page 161 and 162:
8.9. EXERCISES 161 This is Equation
Page 163 and 164:
8.9. EXERCISES 163 A: AB CDE FGH I
Page 165 and 166:
8.9. EXERCISES 165 26. Decipher SVQ
Page 167 and 168:
Chapter 9 Digraphic Ciphers Althoug
Page 169 and 170:
9.1. POLYGRAPHIC CIPHERS 169 f a g
Page 171 and 172:
9.2. HILL CIPHERS 171 th 2.96 es 1.
Page 173 and 174:
9.2. HILL CIPHERS 173 We will be us
Page 175 and 176:
9.3. RECOGNIZING AND BREAKING POLYG
Page 177 and 178:
9.4. PLAYFAIR 177 Playfair Ciphers:
Page 179 and 180:
9.5. SUMMARY 179 9.5 Summary Polygr
Page 181 and 182:
9.7. EXERCISES 181 (b) The use of
Page 183 and 184:
9.7. EXERCISES 183 10. Just as we c
Page 185 and 186:
9.7. EXERCISES 185 (d) (For those(
Page 187 and 188:
9.7. EXERCISES 187 The rules that W
Page 189 and 190:
Chapter 10 Transposition Ciphers In
Page 191 and 192: 10.3. TURNING GRILLES 191 1 2 3 7 4
Page 193 and 194: 10.4. COLUMNAR TRANSPOSITION 193 co
Page 195 and 196: 10.5. TRANSPOSITION VS. SUBSTITUTIO
Page 197 and 198: 10.6. LETTER CONNECTIONS 197 F 2 G
Page 199 and 200: 10.7. BREAKING THE COLUMNAR TRANSPO
Page 201 and 202: 10.8. DOUBLE TRANSPOSITION 201 Sinc
Page 203 and 204: 10.9. TRANSPOSITION DURING THE CIVI
Page 205 and 206: 10.9. TRANSPOSITION DURING THE CIVI
Page 207 and 208: 10.10. THE BATTLE OF THE CIVIL WAR
Page 209 and 210: 10.13. EXERCISES 209 14. What is a
Page 211 and 212: 10.13. EXERCISES 211 and the second
Page 213 and 214: 10.13. EXERCISES 213 evening Adam h
Page 215 and 216: 10.13. EXERCISES 215 Several codewo
Page 217 and 218: 10.13. EXERCISES 217 4. (which is t
Page 219 and 220: Chapter 11 Knapsack Ciphers Merkle
Page 221 and 222: 11.3. AN EASY KNAPSACK PROBLEM 221
Page 223 and 224: 11.4. THE KNAPSACK CIPHER SYSTEM 22
Page 225 and 226: 11.4. THE KNAPSACK CIPHER SYSTEM 22
Page 227 and 228: 11.5. PUBLIC KEY CIPHER 227 Even wi
Page 229 and 230: 11.8. EXERCISES 229 2. Given the we
Page 231 and 232: Chapter 12 RSA Take two large prime
Page 233 and 234: 12.1. FERMAT’S THEOREM 233 Exampl
Page 235 and 236: 12.3. COMPLICATION II: A SUBSTANTIA
Page 237 and 238: 12.3. COMPLICATION II: A SUBSTANTIA
Page 239 and 240: 12.5. COMPLICATION IV: THE LAST ONE
Page 241: 12.6. PUTTING IT ALL TOGETHER 241 1
Page 245 and 246: 12.9. RSA AND PUBLIC KEYS 245 There
Page 247 and 248: 12.10. HOW TO BREAK RSA 247 had to
Page 249 and 250: 12.12. SUMMARY 249 cannot read the
Page 251 and 252: 12.14. EXERCISES 251 6. What is a
Page 253 and 254: 12.14. EXERCISES 253 Bob is going t
Page 255 and 256: Bibliography [Antonucci] Michael An
Page 257: BIBLIOGRAPHY 257 [Shamir] [SRA] A.
show all

Cryptology - Unofficial St. Mary's College of California Web Site

Create successful ePaper yourself

Delete template?

Save as template?